cjoint


Document format: text/plain

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-07-2014
Ran by nicolas (administrator) on NICO on 11-07-2014 12:54:04
Running from C:\Users\nicolas\Desktop
Platform: Windows 8 (X64) OS Language: Français (France)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [661400 2012-11-09] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-06-10] (AVAST Software)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-04-15] ( (Qualcomm Atheros Commnucations))
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKLM - {9F85E0C0-632B-4AA6-AD46-EBCC7C0413B8} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAPBJS
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - No Name - {DB944CC9-4ECE-4CDF-B4FF-29A9D7192290} - No File
Toolbar: HKLM-x32 - No Name - {DB944CC9-4ECE-4CDF-B4FF-29A9D7192290} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

Chrome:
=======
CHR HomePage: about:blank
CHR StartupUrls: "about:blank"
CHR DefaultSearchKeyword: google
CHR DefaultSearchURL: http://www.google.com/search?q={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (AdBlock) - C:\Users\nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-07-07]
CHR Extension: (avast! Online Security) - C:\Users\nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-06-10]
CHR Extension: (Google Wallet) - C:\Users\nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-10]
CHR StartMenuInternet: Google Chrome - chrome.exe

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [228480 2013-04-15] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-10] (AVAST Software)
S3 DeviceFastLaneService; C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe [470088 2013-03-12] (Acer Incorporated)
S3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 LMSvc; C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-10] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-10] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-10] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-10] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-10] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-10] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-10] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-02-14] (Advanced Micro Devices)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-15] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-11] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 iSafeKrnlBoot; \??\system32\DRIVERS\iSafeKrnlBoot.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-11 12:54 - 2014-07-11 12:54 - 00009785 _____ () C:\Users\nicolas\Desktop\FRST.txt
2014-07-11 12:53 - 2014-07-11 12:54 - 00000000 ____D () C:\FRST
2014-07-11 12:52 - 2014-07-11 12:52 - 02084864 _____ (Farbar) C:\Users\nicolas\Desktop\FRST64.exe
2014-07-07 19:37 - 2014-07-07 19:37 - 00019626 _____ () C:\Users\nicolas\Desktop\ZHPDiag.txt
2014-07-07 19:33 - 2014-07-07 19:33 - 00003576 _____ () C:\Users\nicolas\Desktop\ZHPFixReport.txt
2014-07-07 19:29 - 2014-07-07 19:29 - 00054432 _____ () C:\Users\nicolas\Desktop\SFTGC.txt
2014-07-07 19:28 - 2014-07-07 19:28 - 01057696 _____ () C:\Users\nicolas\Downloads\SFTGC.exe
2014-07-07 19:20 - 2014-07-07 19:20 - 00059711 _____ () C:\Users\nicolas\Desktop\mbam.txt
2014-07-07 13:55 - 2014-07-07 19:35 - 00000000 ____D () C:\Users\nicolas\AppData\Roaming\ZHP
2014-07-07 13:55 - 2014-07-07 13:55 - 00001959 _____ () C:\Users\nicolas\Desktop\ZHPFix.lnk
2014-07-07 13:55 - 2014-07-07 13:55 - 00001832 _____ () C:\Users\nicolas\Desktop\ZHPDiag.lnk
2014-07-07 13:55 - 2014-07-07 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-07-07 13:55 - 2014-07-07 13:55 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-07-07 13:53 - 2014-07-07 13:54 - 06857466 _____ (Nicolas Coolman ) C:\Users\nicolas\Downloads\ZHPDiag2.exe
2014-07-07 13:46 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-07 13:43 - 2014-07-07 13:48 - 00000000 ____D () C:\AdwCleaner
2014-07-07 13:43 - 2014-07-07 13:43 - 01346519 _____ () C:\Users\nicolas\Desktop\adwcleaner_3.214.exe
2014-07-07 13:37 - 2014-07-07 13:37 - 00000000 ____D () C:\Users\nicolas\AppData\Roaming\VSRevoGroup
2014-07-07 13:18 - 2014-07-11 12:47 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-07 13:15 - 2014-07-07 13:15 - 00001074 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-07 13:15 - 2014-07-07 13:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-07 13:15 - 2014-07-07 13:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-07 13:15 - 2014-07-07 13:15 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-07 13:15 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-07 13:15 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-07 13:15 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-07 12:42 - 2014-07-07 12:42 - 00001236 _____ () C:\Users\nicolas\Desktop\Revo Uninstaller.lnk
2014-07-07 12:42 - 2014-07-07 12:42 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-07 12:33 - 2014-07-07 12:34 - 00000780 _____ () C:\Windows\setupact.log
2014-07-07 12:33 - 2014-07-07 12:33 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-02 20:39 - 2014-07-02 20:39 - 00000000 ____D () C:\Users\nicolas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JGArcadeApp
2014-07-02 20:39 - 2014-07-02 20:39 - 00000000 ____D () C:\Users\nicolas\AppData\Roaming\JGArcadeApp
2014-07-02 20:25 - 2014-07-02 20:30 - 00000000 ____D () C:\Users\nicolas\AppData\Roaming\rightbackup
2014-07-02 17:29 - 2014-07-07 13:48 - 00076074 _____ () C:\Windows\PFRO.log
2014-06-29 17:52 - 2014-07-10 17:03 - 00286844 _____ () C:\Windows\WindowsUpdate.log
2014-06-29 17:40 - 2014-06-29 17:40 - 00000000 ____D () C:\Users\nicolas\AppData\Roaming\Macromedia
2014-06-26 17:37 - 2014-06-26 17:37 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-06-13 15:52 - 2014-05-24 04:48 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-13 15:52 - 2014-05-24 04:47 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-13 15:52 - 2014-05-24 04:47 - 01366016 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-13 15:52 - 2014-05-24 04:47 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-06-13 15:52 - 2014-05-24 04:47 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-06-13 15:52 - 2014-05-24 04:46 - 19290112 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-13 15:52 - 2014-05-24 04:46 - 15368704 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-13 15:52 - 2014-05-24 04:46 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-13 15:52 - 2014-05-24 04:46 - 02650112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-13 15:52 - 2014-05-24 04:46 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-13 15:52 - 2014-05-24 04:46 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-13 15:52 - 2014-05-24 04:46 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-13 15:52 - 2014-05-24 04:46 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-13 15:52 - 2014-05-24 04:46 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-13 15:52 - 2014-05-24 04:46 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-13 15:52 - 2014-05-24 04:46 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-13 15:52 - 2014-05-24 04:46 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-13 15:52 - 2014-05-24 04:45 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-13 15:52 - 2014-05-24 04:45 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-13 15:52 - 2014-05-24 04:45 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-13 15:52 - 2014-05-24 03:26 - 14365696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-13 15:52 - 2014-05-24 03:26 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-13 15:52 - 2014-05-24 03:26 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-13 15:52 - 2014-05-24 03:26 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-13 15:52 - 2014-05-24 03:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-13 15:52 - 2014-05-24 03:26 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-13 15:52 - 2014-05-24 03:26 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-06-13 15:52 - 2014-05-24 03:25 - 13731328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-13 15:52 - 2014-05-24 03:25 - 02862080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-13 15:52 - 2014-05-24 03:25 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-13 15:52 - 2014-05-24 03:25 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-13 15:52 - 2014-05-24 03:25 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-13 15:52 - 2014-05-24 03:25 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-13 15:52 - 2014-05-24 03:25 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-13 15:52 - 2014-05-24 03:25 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-06-13 15:52 - 2014-05-24 03:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-13 15:52 - 2014-05-24 03:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-13 15:52 - 2014-05-24 03:25 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-13 15:52 - 2014-05-24 03:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-13 15:52 - 2014-05-24 03:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-13 15:52 - 2014-05-24 00:37 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-06-13 14:31 - 2014-05-03 07:47 - 03246592 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-13 14:31 - 2014-05-03 05:34 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-06-13 14:31 - 2014-04-30 00:32 - 01301504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-06-13 14:31 - 2014-04-30 00:22 - 01023488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-06-13 14:31 - 2014-04-03 13:19 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-06-13 14:31 - 2014-04-03 05:44 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-06-13 14:31 - 2014-04-01 00:08 - 00387268 _____ () C:\Windows\system32\ApnDatabase.xml
2014-06-13 14:31 - 2014-03-25 01:42 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-06-13 14:31 - 2014-03-25 00:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-06-13 14:23 - 2014-04-03 13:22 - 02233176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-13 14:23 - 2014-03-07 02:47 - 01419264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-13 14:23 - 2014-03-07 02:08 - 01845760 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

==================== One Month Modified Files and Folders =======

2014-07-11 12:54 - 2014-07-11 12:54 - 00009785 _____ () C:\Users\nicolas\Desktop\FRST.txt
2014-07-11 12:54 - 2014-07-11 12:53 - 00000000 ____D () C:\FRST
2014-07-11 12:52 - 2014-07-11 12:52 - 02084864 _____ (Farbar) C:\Users\nicolas\Desktop\FRST64.exe
2014-07-11 12:51 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-11 12:47 - 2014-07-07 13:18 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-11 12:47 - 2014-05-07 16:44 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-11 12:47 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-07-10 17:09 - 2013-12-22 07:33 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2014-07-10 17:03 - 2014-06-29 17:52 - 00286844 _____ () C:\Windows\WindowsUpdate.log
2014-07-09 20:39 - 2014-06-10 13:40 - 00001002 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-08 21:58 - 2014-05-07 16:44 - 00001080 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-08 20:44 - 2014-05-04 10:40 - 00000000 ____D () C:\temp
2014-07-07 19:37 - 2014-07-07 19:37 - 00019626 _____ () C:\Users\nicolas\Desktop\ZHPDiag.txt
2014-07-07 19:35 - 2014-07-07 13:55 - 00000000 ____D () C:\Users\nicolas\AppData\Roaming\ZHP
2014-07-07 19:33 - 2014-07-07 19:33 - 00003576 _____ () C:\Users\nicolas\Desktop\ZHPFixReport.txt
2014-07-07 19:29 - 2014-07-07 19:29 - 00054432 _____ () C:\Users\nicolas\Desktop\SFTGC.txt
2014-07-07 19:28 - 2014-07-07 19:28 - 01057696 _____ () C:\Users\nicolas\Downloads\SFTGC.exe
2014-07-07 19:20 - 2014-07-07 19:20 - 00059711 _____ () C:\Users\nicolas\Desktop\mbam.txt
2014-07-07 14:05 - 2013-12-22 16:06 - 00800978 _____ () C:\Windows\system32\perfh00C.dat
2014-07-07 14:05 - 2013-12-22 16:06 - 00155650 _____ () C:\Windows\system32\perfc00C.dat
2014-07-07 14:05 - 2012-07-26 09:28 - 01793362 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-07 13:55 - 2014-07-07 13:55 - 00001959 _____ () C:\Users\nicolas\Desktop\ZHPFix.lnk
2014-07-07 13:55 - 2014-07-07 13:55 - 00001832 _____ () C:\Users\nicolas\Desktop\ZHPDiag.lnk
2014-07-07 13:55 - 2014-07-07 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-07-07 13:55 - 2014-07-07 13:55 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-07-07 13:54 - 2014-07-07 13:53 - 06857466 _____ (Nicolas Coolman ) C:\Users\nicolas\Downloads\ZHPDiag2.exe
2014-07-07 13:51 - 2014-06-10 14:37 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-07 13:49 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-07 13:48 - 2014-07-07 13:43 - 00000000 ____D () C:\AdwCleaner
2014-07-07 13:48 - 2014-07-02 17:29 - 00076074 _____ () C:\Windows\PFRO.log
2014-07-07 13:43 - 2014-07-07 13:43 - 01346519 _____ () C:\Users\nicolas\Desktop\adwcleaner_3.214.exe
2014-07-07 13:40 - 2014-05-19 14:28 - 00000000 ____D () C:\ProgramData\be6eed63e4f57f84
2014-07-07 13:40 - 2014-05-03 14:45 - 00000000 ____D () C:\Users\nicolas\AppData\Local\CrashDumps
2014-07-07 13:40 - 2013-10-16 12:30 - 00000000 ____D () C:\Windows\Panther
2014-07-07 13:37 - 2014-07-07 13:37 - 00000000 ____D () C:\Users\nicolas\AppData\Roaming\VSRevoGroup
2014-07-07 13:28 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-07-07 13:28 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-07-07 13:15 - 2014-07-07 13:15 - 00001074 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-07 13:15 - 2014-07-07 13:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-07 13:15 - 2014-07-07 13:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-07 13:15 - 2014-07-07 13:15 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-07 13:06 - 2014-05-07 16:51 - 03076096 _____ () C:\Users\nicolas\AppData\Local\ChromeHitoryDB
2014-07-07 12:54 - 2014-05-05 17:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC
2014-07-07 12:52 - 2014-05-26 20:46 - 00000000 ____D () C:\Program Files (x86)\PC Drivers HeadQuarters
2014-07-07 12:42 - 2014-07-07 12:42 - 00001236 _____ () C:\Users\nicolas\Desktop\Revo Uninstaller.lnk
2014-07-07 12:42 - 2014-07-07 12:42 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-07 12:34 - 2014-07-07 12:33 - 00000780 _____ () C:\Windows\setupact.log
2014-07-07 12:33 - 2014-07-07 12:33 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-03 19:46 - 2014-04-21 22:37 - 00000000 ____D () C:\Users\nicolas
2014-07-03 15:27 - 2014-04-22 01:35 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-409255250-1720265387-2412137528-1001
2014-07-02 20:39 - 2014-07-02 20:39 - 00000000 ____D () C:\Users\nicolas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JGArcadeApp
2014-07-02 20:39 - 2014-07-02 20:39 - 00000000 ____D () C:\Users\nicolas\AppData\Roaming\JGArcadeApp
2014-07-02 20:30 - 2014-07-02 20:25 - 00000000 ____D () C:\Users\nicolas\AppData\Roaming\rightbackup
2014-06-29 17:40 - 2014-06-29 17:40 - 00000000 ____D () C:\Users\nicolas\AppData\Roaming\Macromedia
2014-06-29 13:31 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-06-28 11:16 - 2014-05-04 10:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer
2014-06-27 14:58 - 2014-05-07 16:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-26 17:37 - 2014-06-26 17:37 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-06-22 12:53 - 2014-05-07 16:44 - 00004052 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-22 12:53 - 2014-05-07 16:44 - 00003816 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-19 00:19 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-06-17 19:52 - 2014-06-10 13:35 - 00000000 ____D () C:\Program Files (x86)\Premium Software
2014-06-16 21:08 - 2014-06-10 13:40 - 00003890 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-16 12:46 - 2014-05-07 16:47 - 00002153 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-14 11:06 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-06-13 16:40 - 2014-04-23 22:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-13 16:37 - 2014-04-23 22:07 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-08 21:12

==================== End Of Log ============================
